Regular patch schedules "two edged sword"

A security analyst Thursday took aim at the practice of some vendors to roll out patches on regular schedules, calling the practice a "two-edged sword".

A slowly-growing number of major software developers — in particular but not limited to operating system makers — now schedule hard dates for patch releases, rather than roll them out when they're finished. Such regularly patching has been popularised by Microsoft, which began the practice in October 2003, but it's been mimicked by the likes of Apple and Oracle. Thursday, Adobe added itself to the group, saying it would begin monthly patching in 2006.